package com.deyuanyun.pic.web.interceptor;

import com.deyuanyun.pic.cache.SessionCacheSupport2;
import com.deyuanyun.pic.common.util.ajax.AjaxResponse;
import com.deyuanyun.pic.controller.dto.UserSessionVO;
import com.deyuanyun.pic.web.support.ApplicationPropertiesListener;
import org.apache.commons.lang.StringUtils;

import javax.servlet.*;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.List;

/**
 * Created by Administrator on 2014/12/5.
 * 过滤掉一些特殊字符
 */
public class StringFilter implements Filter {


    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        //Enumeration params = servletRequest.getParameterNames();
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestUrl = request.getRequestURI();
        String referer=request.getHeader("Referer");

        if (StringUtils.endsWith(requestUrl,".json")
                &&!SessionVOInterceptor.isInWhiteBillContains(requestUrl)
                &&!SessionVOInterceptor.isInWhiteBill(requestUrl)
                && ApplicationPropertiesListener.devMod==false){
            HttpSession session=request.getSession();
            Object u=request.getSession().getAttribute(SessionCacheSupport2.USERLOGINID+"__");
            UserSessionVO sessionVO1=null;
            if (u!=null){
                sessionVO1=SessionCacheSupport2.get((String) u);
            }

            if (u==null && sessionVO1==null){
                String jsid="";
                Cookie[] cookie=request.getCookies();
                if (cookie!=null) {
                    for (Cookie cookie2 : cookie) {
                        if ("Jsid".equals(cookie2.getName())) {
                            jsid = cookie2.getValue();
                        }
                    }
                }
                if (StringUtils.isNotBlank(jsid)){
                    List<UserSessionVO> sessionVOList=SessionCacheSupport2.getOnlineUser();
                    if (sessionVOList!=null) {
                        for (UserSessionVO sessionVO : sessionVOList) {
                            if (jsid.equals(sessionVO.getSessionID())) {
                                sessionVO.setServletSessionID(session.getId());
                                session.setAttribute(SessionCacheSupport2.USERLOGINID + "__", sessionVO.getUsername());
                                break;
                            }
                        }
                    }
                }

            }else  if (sessionVO1==null&&u!=null){
                session.removeAttribute(SessionCacheSupport2.USERLOGINID+"__");
            }else if (sessionVO1!=null && u==null){
                session.setAttribute(SessionCacheSupport2.USERLOGINID + "__", sessionVO1.getUsername());
            }

            u=session.getAttribute(SessionCacheSupport2.USERLOGINID+"__");
            if (u!=null){
                sessionVO1=SessionCacheSupport2.get((String) u);
            }
            if (sessionVO1==null){
                String re="{\"bool\":false,\"message\":\"sessionStatusFalse\",\"needFormat_\":\"need\",\"result\":\"未登录或者已过期\"}";
                session.removeAttribute(SessionCacheSupport2.USERLOGINID+"__");
                org.apache.shiro.SecurityUtils.getSubject().logout();
                AjaxResponse.sendText(response,re);
                return;
            }
        }

        

        if (StringUtils.endsWith(requestUrl,".html")){
            if (StringUtils.endsWith(requestUrl,"login.html")){
                response.sendRedirect("index.html");
                return;
            }

            String headerAccept = request.getHeader("Accept");
            if (("image/webp,*/*;q=0.8".equalsIgnoreCase(headerAccept)
                    ||("image/webp,image/*,*/*;q=0.8".equalsIgnoreCase(headerAccept))) && requestUrl.endsWith(".html")
                    && !requestUrl.endsWith("captchaActionlogin.do")) {//要排除掉两个验证码的请求
                return;
            }
        }

        filterChain.doFilter(request, response);
    }

    @Override
    public void destroy() {

    }


}
